Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/XVvLBTwg99v8jSp0sJOg27JNTQc.roa
File: XVvLBTwg99v8jSp0sJOg27JNTQc.roa (raw, json)
Hash identifier: mYMr8AcGWDMbHP36+HLJKZOohuCkUE2PX6DgeJ7a5rI=
Subject key identifier: 5D:5B:CB:05:3C:20:F7:DB:FC:8D:2A:74:B0:93:A0:DB:B2:4D:4D:07
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 07DAE6BF
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/XVvLBTwg99v8jSp0sJOg27JNTQc.roa
Signing time: Sat 01 Jan 2022 05:52:45 +0000
ROA not before: Sat 01 Jan 2022 05:52:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202592
IP address blocks: 185.96.57.0/24 maxlen: 24
185.96.56.0/22 maxlen: 22
185.96.56.0/24 maxlen: 24
194.38.48.0/22 maxlen: 22
193.168.200.0/24 maxlen: 24
193.168.200.0/22 maxlen: 22
193.168.201.0/24 maxlen: 24
193.160.220.0/22 maxlen: 22
185.136.16.0/22 maxlen: 22
185.136.19.0/24 maxlen: 24
185.136.18.0/24 maxlen: 24
45.12.100.0/22 maxlen: 22
2a05:ff01::/32 maxlen: 32
2a05:ff00:2::/48 maxlen: 48
2a05:ff00:1::/48 maxlen: 48
2a05:ff00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131786431 (0x7dae6bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 05:52:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d5bcb053c20f7dbfc8d2a74b093a0dbb24d4d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f3:94:69:42:fd:74:b1:01:c9:80:88:32:cf:
8e:f2:49:a6:81:e9:9b:e4:1b:c5:32:8d:25:ae:78:
45:a7:31:b6:2d:39:0a:61:38:27:c7:34:dc:c1:72:
7f:ef:03:b7:99:2e:98:92:ed:ad:ca:a7:be:ea:ad:
54:3f:d2:ed:b5:5a:2d:bd:17:8c:c2:62:74:a0:f1:
88:20:2c:1e:f3:9a:e8:f5:13:89:a2:51:1c:0a:3c:
00:0a:e7:1d:2d:3c:4b:b1:87:0f:11:24:af:d7:e1:
5d:4b:35:4f:72:3a:e1:d2:87:24:b7:ad:b4:77:d6:
ca:a3:81:7b:a6:03:de:51:ae:f0:8f:89:9b:10:7d:
b9:90:ae:a9:1a:5b:80:e2:32:c7:26:fa:e4:0a:1e:
b8:e2:1d:06:e2:64:2e:76:bc:7c:b8:ea:aa:eb:c4:
c3:e8:e3:1a:e1:9b:49:66:6c:3f:72:9e:44:56:fe:
85:9b:bb:f6:28:67:27:f2:22:81:6c:c5:fb:ef:13:
d6:22:3f:78:01:84:e3:d2:28:27:10:a2:a2:bf:34:
8a:ea:15:ff:ad:48:7a:6e:47:e5:fc:c7:dc:ec:53:
96:1b:d5:82:98:82:d1:f2:0c:47:f1:a5:b4:c8:8d:
11:f7:f4:bd:44:08:21:30:1f:d6:c3:a6:18:66:34:
52:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5B:CB:05:3C:20:F7:DB:FC:8D:2A:74:B0:93:A0:DB:B2:4D:4D:07
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/XVvLBTwg99v8jSp0sJOg27JNTQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
193.160.220.0/22
193.168.200.0/22
194.38.48.0/22
IPv6:
2a05:ff00::/31
Signature Algorithm: sha256WithRSAEncryption
24:63:17:72:cf:54:ca:2b:56:64:7c:41:e1:f4:44:ca:99:84:
b0:86:85:3d:11:f3:a2:d9:97:8a:45:f7:4d:0c:43:aa:f7:fc:
44:42:3d:eb:d7:db:2f:bc:cd:48:d4:04:77:96:2b:76:4d:e1:
0a:ed:d6:aa:d2:35:ab:f1:58:e2:fa:c4:b6:b0:10:bb:13:77:
37:84:5a:0a:7b:ec:44:a0:13:6c:fd:79:56:f5:11:42:fc:54:
0a:45:42:ad:f4:b8:75:cf:aa:ca:36:ef:e3:fc:27:1e:7e:fa:
42:e9:c2:7a:20:22:12:16:df:24:7d:e2:6d:56:32:9e:8b:9c:
13:9a:49:6b:17:c4:b5:7b:6e:db:d5:b5:6f:14:84:33:23:7a:
73:c8:31:51:f4:62:c5:7f:e8:3f:f7:10:4d:32:a5:b8:71:62:
da:bc:a3:e1:d8:a3:ad:84:8c:97:1c:e7:2c:47:a8:20:45:bd:
f2:a9:ca:ca:cb:d3:b3:29:d9:66:85:6e:e9:27:9d:fc:bd:21:
b1:d0:67:09:4e:19:8f:da:8a:d9:0e:93:22:fc:14:19:52:08:
e6:fe:f2:52:d9:12:80:2d:b0:92:b6:c6:9b:ef:22:cb:77:9d:
c9:99:f6:2b:b0:25:6e:ef:f3:bf:51:e4:67:d2:e2:31:b9:c3:
99:b3:a9:ef
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEB9rmvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDhkYTljZjAwZDRkNThiODU0ZmZjNjIwMTBmMjM1YjA2ZGYzNTRhMB4XDTIyMDEw
MTA1NTI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ1YmNiMDUzYzIw
ZjdkYmZjOGQyYTc0YjA5M2EwZGJiMjRkNGQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDzlGlC/XSxAcmAiDLPjvJJpoHpm+QbxTKNJa54Racxti05
CmE4J8c03MFyf+8Dt5kumJLtrcqnvuqtVD/S7bVaLb0XjMJidKDxiCAsHvOa6PUT
iaJRHAo8AArnHS08S7GHDxEkr9fhXUs1T3I64dKHJLettHfWyqOBe6YD3lGu8I+J
mxB9uZCuqRpbgOIyxyb65AoeuOIdBuJkLna8fLjqquvEw+jjGuGbSWZsP3KeRFb+
hZu79ihnJ/IigWzF++8T1iI/eAGE49IoJxCior80iuoV/61Iem5H5fzH3OxTlhvV
gpiC0fIMR/GltMiNEff0vUQIITAf1sOmGGY0Ut8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRdW8sFPCD32/yNKnSwk6Dbsk1NBzAfBgNVHSMEGDAWgBTQjanPANTVi4VP
/GIBDyNbBt81SjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBJMnB6d0RVMVl1RlRfeGlBUThqV3diZk5Vby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZmViZWY4LWEwZWEtNGM3ZS04ODA2LTIwZTE5NzgwY2IyZS8x
L1hWdkxCVHdnOTl2OGpTcDBzSk9nMjdKTlRRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZmViZWY4LWEwZWEtNGM3ZS04ODA2LTIwZTE5NzgwY2IyZS8xLzBJMnB6d0RVMVl1
RlRfeGlBUThqV3diZk5Vby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAi0MZAMEArlgOAMEArmIEAMEAsGg
3AMEAsGoyAMEAsImMDANBAIAAjAHAwUBKgX/ADANBgkqhkiG9w0BAQsFAAOCAQEA
JGMXcs9UyitWZHxB4fREypmEsIaFPRHzotmXikX3TQxDqvf8REI969fbL7zNSNQE
d5Yrdk3hCu3WqtI1q/FY4vrEtrAQuxN3N4RaCnvsRKATbP15VvURQvxUCkVCrfS4
dc+qyjbv4/wnHn76QunCeiAiEhbfJH3ibVYynoucE5pJaxfEtXtu29W1bxSEMyN6
c8gxUfRixX/oP/cQTTKluHFi2ryj4dijrYSMlxznLEeoIEW98qnKysvTsynZZoVu
6Sed/L0hsdBnCU4Zj9qK2Q6TIvwUGVII5v7yUtkSgC2wkrbGm+8iy3edyZn2K7Al
bu/zv1HkZ9LiMbnDmbOp7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:23 2024 by rpki-client on console-ams.rpki-client.org